Web server attack tools

Some of the common web server attack tools include;
  • Metasploit– this is an open source tool for developing, testing and using exploit code. It can be used to discover vulnerabilities in web servers and write exploits that can be used to compromise the server.
  • MPack– this is a web exploitation tool. It was written in PHP and is backed by MySQL as the database engine. Once a web server has been compromised using MPack, all traffic to it is redirected to malicious download websites.
  • Zeus– this tool can be used to turn a compromised computer into a bot or zombie. A bot is a compromised computer which is used to perform internet-based attacks. A botnet is a collection of compromised computers. The botnet can then be used in a denial of service attack or sending spam mails.
  • Neosplit – this tool can be used to install programs, delete programs, replicating it, etc.
How to avoid attacks on Web server
An organization can adopt the following policy to protect itself against web server attacks.
  • Patch management– this involves installing patches to help secure the server. A patch is an update that fixes a bug in the software. The patches can be applied to the operating system and the web server system.
  • Secure installation and configuration of the operating system
  • Secure installation and configuration of the web server software
  • Vulnerability scanning system– these include tools such as Snort, NMap, Scanner Access Now Easy (SANE)
  • Firewalls can be used to stop simple DoS attacks by blocking all traffic coming the identify source IP addresses of the attacker.
  • Antivirus software can be used to remove malicious software on the server
  • Disabling Remote Administration
  • Default accounts and unused accounts must be removed from the system
  • Default ports  & settings (like FTP at port  21) should be changed to custom port & settings (FTP port at 5069)
Hacking Activity: Hack a WebServer
In this practical scenario, we are going to look at the anatomy of a web server attack. We will assume we are targeting  We are not actually going to hack into it as this is illegal. We will only use the domain for educational purposes
Information gathering
We will need to get the IP address of our target and find other websites that share the same IP address.


Based on the above results, the IP address of the target is 69.195.124.112
We also found out that there are 403 domains on the same web server.
Our next step is to scan the other websites for injection vulnerabilities. Note: if we can find a SQL vulnerable on the target, then we would directly exploit it without considering other websites.
  • Enter the into your web browser. This will only work with Bing so don’t use other search engines such as google or yahoo
  • Enter the following search query
ip:69.195.124.112 .php?id=



As you can see from the above results, all the websites using GET variables as parameters for SQL injection have been listed.
The next logic step would be to scan the listed websites for SQL Injection vulnerabilities. You can do this using manual SQL injection or use tools listed in this article on SQL Injection.
Uploading the PHP Shell
We will not scan any of the websites listed as this is illegal. Let’s assume that we have managed to login into one of them.
  • Open the URL where you uploaded the dk.php file.
  • You will get the following window
Once you have access to the files, you can get login credentials to the database and do whatever you want such as defacement, downloading data such as emails, etc.
  • Web server stored valuable information and are accessible to the public domain. This makes them targets for attackers.
  • The commonly used web servers include Apache and Internet Information Service IIS
  • Attacks against web servers take advantage of the bugs and Misconfiguration in the operating system, web servers, and networks
  • Popular web server hacking tools include NeosploitMPack, and ZeuS.
  • A good security policy can reduce the chances of been attacked

Comments

Post a Comment

Popular posts from this blog

⚠️How to create a virus in termux app ?

How to create a android virus in termux app so,lets get started 1. you need to download termux app from play store if yo want so i give the link for this app. Link: http://shrinkearn.com/GaNv 2.after download and install you need to install vbug tool in termux for installing vbug tool u want to follow this cammands a.apt update b.pkg install python python2 c. go to chrome browser and open this url and download vbug.zip file link: http://shrinkearn.com/F4JB after download the file extract it into vbug folder now open termux app give the following commands type 'cd /sdcard' type 'cd vbug' (go to folder that the file was downloaded) again type 'cd vbug' now type 'python2 vbug.py' now the console is opened choose the device u want to make virus for for android type '1' now choose which type of virus u want to make there are 5 types of virus 1.bootloop 2.dataeater 3.freez 4.boomzip 5.elite no...
Read more

List in Python

  List are just like dynamic array, declared in other languages( like vector in c++ and array list in java ). A single list may contain datatype like ( integer, string, boolean, as well as other objects ). List are mutable means they can be changed after it declaration or we can modify or change the list later. List are very import part of the python programming. If you work in python most of the time you use list. So do not forget to practice more on list. Example :- list = [ "codeupon" , 1 , True ] print ( list ) Python Copy Output :- ["codeupon", 1, True] Markup Copy List Methods : – len() method :-  It is used to find the length of the list Example :- list = [ "codeupon" , 1 , True ] print ( len ( list ) ) Python Copy Output :- 2 Markup Copy Adding elements in the list 2.  using append() method :-  Only one item can be added in the list at one time by using append() method. And it added the item to the end of the list. Example :- list = [ ...
Read more

How To Install Metasploit In Termux App ?

Image
If you wish to install the metasploit-framework all by itself You can use a shell script to install it. remember dont turn off your internet connection follow these steps : 1. uninstall termux app 2. Newly install Termux app 3. open Termux app 4. run these commands $ apt update $ apt upgrade $ apt install wget 5. clone metasploit with this command $ wget https://Auxilus.github.io/metasploit.sh $ bash metasploit.sh This script will install the latest version of metasploit-framework. script also include some extras to make updating metasploit faster. If all goes well, i.e. No red colored warnings, you can start metasploit using ./msfconsole. Now take a coffe and sit down and wait 15-20 minutes to install metasploit in termux after installation type this command : $ cd metasploit-framework Now run msfconsole $ ./msfconsole Enjoy metasploit....
Read more